gitea-mirror/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-12-12 07:40:34 -08:00
Code Issues Packages Projects Releases Wiki Activity

Fix markdown style issues in Account Takeover

Browse Source
This commit is contained in:
Swissky
2024-11-13 15:30:33 +01:00
parent a6b3b9dd05
commit 8bc33f8bb7
3 changed files with 144 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
Zip Slip/README.md
View File

@@ -1,7 +1,6 @@
# Zip Slip
> The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames (e.g. ../../shell.php). The Zip Slip vulnerability can affect numerous archive formats, including tar, jar, war, cpio, apk, rar and 7z. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victims machine.
> The vulnerability is exploited using a specially crafted archive that holds directory traversal filenames (e.g. ../../shell.php). The Zip Slip vulnerability can affect numerous archive formats, including tar, jar, war, cpio, apk, rar and 7z. The attacker can then overwrite executable files and either invoke them remotely or wait for the system or user to call them, thus achieving remote command execution on the victims machine.
## Summary
@@ -11,12 +10,10 @@
* [Basic Exploit](#basic-exploit)
* [Additional Notes](#additional-notes)
## Tools
- [ptoomey3/evilarc](https://github.com/ptoomey3/evilarc) - Create tar/zip archives that can exploit directory traversal vulnerabilities
- [usdAG/slipit](https://github.com/usdAG/slipit) - Utility for creating ZipSlip archives
* [ptoomey3/evilarc](https://github.com/ptoomey3/evilarc) - Create tar/zip archives that can exploit directory traversal vulnerabilities
* [usdAG/slipit](https://github.com/usdAG/slipit) - Utility for creating ZipSlip archives
## Methodology
@@ -24,7 +21,6 @@
Any ZIP upload page on the application.
### Basic Exploit
Using [ptoomey3/evilarc](https://github.com/ptoomey3/evilarc):
@@ -40,13 +36,11 @@ ln -s ../../../index.php symindex.txt
zip --symlinks test.zip symindex.txt
```
### Additional Notes
For affected libraries and projects, visit [snyk/zip-slip-vulnerability](https://github.com/snyk/zip-slip-vulnerability)
## References
- [Zip Slip - Snyk - June 5, 2018](https://github.com/snyk/zip-slip-vulnerability)
- [Zip Slip Vulnerability - Snyk - April 15, 2018](https://snyk.io/research/zip-slip-vulnerability)
* [Zip Slip - Snyk - June 5, 2018](https://github.com/snyk/zip-slip-vulnerability)
* [Zip Slip Vulnerability - Snyk - April 15, 2018](https://snyk.io/research/zip-slip-vulnerability)